Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4820T
751752753754755756757758759760
| |
| |
| |
| |
| |
|
|
| |
| |
| |
| |
+-----------------------------+
Use the ^ and v keys to select which entry is highlighted.
Press enter to boot the selected OS, 'e' to edit the commands
before booting or 'c' for a command-line.
RADIUS
Remote authentication dial-in user service (RADIUS) is a distributed client/server protocol.
This protocol transmits authentication, authorization, and configuration information between a central RADIUS server and a
RADIUS client (the Dell Networking system). The system sends user information to the RADIUS server and requests
authentication of the user and password. The RADIUS server returns one of the following responses:
Access-Accept — the RADIUS server authenticates the user.
Access-Reject — the RADIUS server does not authenticate the user.
If an error occurs in the transmission or reception of RADIUS packets, you can view the error by enabling the debug radius
command.
Transactions between the RADIUS server and the client are encrypted (the users’ passwords are not sent in plain text). RADIUS
uses UDP as the transport protocol between the RADIUS server host and the client.
For more information about RADIUS, refer to RFC 2865, Remote Authentication Dial-in User Service.
RADIUS Authentication
Dell Networking OS supports RADIUS for user authentication (text password) at login and can be specified as one of the login
authentication methods in the
aaa authentication login command.
When configuring AAA authorization, you can configure to limit the attributes of services available to a user. When you enable
authorization, the network access server uses configuration information from the user profile to issue the user's session. The
user’s access is limited based on the configuration attributes. RADIUS exec-authorization stores a user-shell profile and that is
applied during user login. You may name the relevant named-lists with either a unique name or the default name. When you
enable authorization by the RADIUS server, the server returns the following information to the client:
Idle Time
ACL Configuration Information
Auto-Command
Privilege Levels
After gaining authorization for the first time, you may configure these attributes.
NOTE: RADIUS authentication/authorization is done for every login. There is no difference between first-time login and
subsequent logins.
Security 754